vue-development-guides
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (HIGH): The skill is designed to refactor and review external Vue.js projects. It lacks boundary markers or sanitization to prevent malicious instructions embedded in untrusted project code from influencing agent behavior. Ingestion points: External project files via 'refactoring or reviewing' (SKILL.md). Boundary markers: Absent. Capability inventory: File modification and code refactoring. Sanitization: Absent.
- Metadata Poisoning (MEDIUM): The author 'github.com/vuejs-ai' mimics the official Vue.js organization but is not a verified trusted source.
Recommendations
- AI detected serious security threats
Audit Metadata